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REMARKS 

Claims 32-55 were examined, and all were rejected. Claims 43 and 51 have been 
canceled. Claims 32, 44, 52, 53, and 55 have been amended to more distinctly claim subject 
matter which the applicants regard as the invention, as explained below. Consequential changes 
were made to the wording of claims 33, 42, and 50. Claim 56 is new. No new matter has been 
introduced into the application by these amendments. Claims 32-42, 44-50, and 52-56 are 
pending after this amendment. 

Telephone interview: 

Applicants thank the Examiner (Baotran To) for the courtesy and cooperation extended to 
Applicants 5 undersigned representative at a telephone interview on March 3, 2010. 

It was explained that the basic concept underlying claims 32 and 44, as now presented, is 
that the Transparent Encryption Appliance (TEA) is a separate device interposed between the 
client network and the server system. To ensure transparency, the TEA encrypts only the 
sensitive data, and does not alter the message format within which the data is contained. For 
example, if the data includes a social security number, the TEA may identify and encrypt the 
social security number, without altering tags or other metadata that identify it as a social security 
number. Then, the database server can receive and process the transaction exactly as it would 
have processed the unencrypted transaction, but the data stored in the database is the encrypted 
data. That has the advantages that the client and the database server do not need to be altered in 
any way to enable securing, and do not even need to know whether the securing is taking place, 
and the TEA does not need to be customized in any way to the specific database system. 

The claimed system was contrasted with the systems of US 7,1 1 1,005 (Wessman) and US 
7,415,429 (Rollins). In Wessman, the encryption is tied to the database columns. Thus, the 
encryption interface cannot be made transparent to the database system, and cannot be moved to 
a TEA device, as claimed, because the encryption cannot be invoked until the transaction has 
been converted from a network transaction format to a database record format. In Rollins, the 
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"Integrated Order Mechanism 308" is a separate interposed device, but encrypts entire messages 
"using a secure communications protocol such as SSL" so that they must be decrypted on arrival 
at the server, and the IOM 308 cannot achieve encryption of the data stored in the database. 

The Examiner believed that prior art showing encryption of only the sensitive data within 
a transaction separately from the database server exists. Applicants' representative requested the 
Examiner to cite a specific reference, so that it could be properly addressed on its merits. The 
Examiner advised that a further search would be required, which he could not effectively address 
after final rejection. 

Various possible amendments to the claims were discussed. The Examiner suggested 
that the data flows would be easier to understand if the "network interface" of previous claim 32 
was identified as a "client interface" for contrast with the "server interface," and that change has 
been adopted throughout. The Examiner requested that claim 32 be amended to emphasize that 
the TEA is between the client network and the server system, and that has been done. Similar 
amendments have been made to the other independent claims. In particular, claim 55 has been 
subdivided into amended claim 55 and new claim 56, to separate the code running on the 
transparent encryption appliance from the code running on the separate web server. 

Claim objections 

The Examiner requested corrections to the wording of claims 32 and 52, which have been 

made. 

In addition, the Examiner pointed out in his Response to Applicants' previous arguments 
that claim 32 contained significant text that did not effectively limit the claim. Because claim 32 
is directed to the appliance per se, description of the client network and the server environment is 
limiting only to the extent that it implies a limitation on the features of the appliance. The 
opportunity has been taken to delete some of the non-limiting language, and to separate the 
contextual matter in the preamble more distinctly from the body of the claim. 
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Claim Rejections - 35 USC S 112 

Claims 32-41 stand rejected under 35 USC § 1 12, first paragraph, on the ground that the 
feature of "a web server environment that does not include the appliance" is allegedly not 
supported by the original disclosure. The rejection is traversed. In Fig. 1, the web server 
environment is "server system 104" and the appliance is "transparent encryption appliance 102", 
and the drawing clearly shows that the server system 104 does not include the TEA 102. 
Similarly, in Fig. 2, server system 104 does not include TEA 202 or TEA 204, and in Fig. 4, 
server system 104 does not include TEA 102 or TEA 204. 

Claims 32-41 stand rejected under 35 USC § 1 12, second paragraph, on the ground that it 
was allegedly unclear whether "a database" in lines 17 and 21-22 referred to the same database. 
This rejection is moot in view of the present amendments. 

Claim Rejections - 35 USC § 102 
Claims 43 and 51 

Claims 43 and 51 stand rejected under 35 USC § 102(e) as being allegedly anticipated by 
Rollins (US Patent 7,415,429). Claims 43 and 51 are canceled, and the rejection is therefore 
moot. 

Claim Rejections - 35 USC S 103 

Claims 32-33, 35-41, 44, 46-49, and 52-55 

Claims 32-33, 35-41, 44, 46-49, and 52-55, of which claims 32, 44, 52, 53, and 55 are 
independent, stand rejected under 35 USC § 103(a) as being allegedly obvious over Wessman 
(US Patent 7,1 1 1,005) in view of Johnson (US Patent 6,898,577). The rejection is traversed with 
regard to the claims as now presented. 
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Independent claims 32, 44, 53, and 55, as now presented, recite a separate appliance 
interposed between the client network and the server system that transparently protects and 
unprotects only sensitive data within a transaction between the client and the server. 

In contrast, Wessman describes a server 112 that provides both securing/unsecuring data 
204, 206 and storing/retrieving the data 208, 210, wherein the securing/unsecuring functions are 
tied in to the database columns, and cannot be separated from the storing/retrieving functions. 
See, for example, col. 6, lines 2-4 of Wessman. 

Johnson is cited as showing in general client and server devices with interfaces to a 
network. However, it would not have been obvious to modify Wessman in view of Johnson to 
provide Wessman' s encryption device with an external interface to the server because, as 
explained above, it would be not only non-obvious but effectively impossible to separate the 
securing/unsecuring functions from the storing/retrieving functions of the database server. There 
is thus no place where an interface taken from Johnson could meaningfully be inserted, and if 
such an interface was inserted, the result would not be the claimed combination. 

At least for the reasons presented above, the combination of Wessman and Johnson does 
not disclose or suggest all of the features claimed, and claims 32, 44, 53, and 55 are allowable 
over Wessman and Johnson. Claims 33 and 35-41 depend from claim 32, claims 46-49 depend 
from claim 44, and claim 54 depends from claim 53, and those claims comprise all of the 
features of their respective base claims. Therefore, without prejudice to their own individual 
merits, those claims are also allowable over Wessman and Johnson for at least the same reasons 
as their base claims. 

Reconsideration and withdrawal of the section 102 rejection of claims 32-33, 35-41, 44, 
46-49, and 53-55 are respectfully requested. 

Claims 34, 42, 45, and 50 

Claims 34, 42, 45, and 50 stand rejected under 35 USC § 103(a) as being allegedly 
unpatentable over Wessman and Johnson in view of Rollins. The rejection is traversed in view 
of the claims as now presented. 
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Claims 34 and 42 depend from claim 32, and claims 45 and 50 depend from claim 44 5 
and it is noted that Rollins is relied on only for the additional features of claims 34, 42, 45, and 
50. Without prejudice to their own individual merits, claims 34, 42, 45, and 50 are deemed to be 
allowable over the cited references for at least the same reasons their respective base claims are 
allowable over Wessman and Johnson. 

Reconsideration and withdrawal of the section 103 rejection of claims 34, 42, 45, and 50 
are respectfully requested. 



Conclusion 

In view of the foregoing amendment and remarks, applicants respectfully submit that the 
present application, including claims 32-55, is in condition for allowance and an early notice of 
allowance is respectfully requested. 

Respectfully submitted, 
DANBONEH, etai 
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